package com.sw.sso.jwt.server.config;

import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

import javax.annotation.Resource;
import java.security.KeyPair;

    /**
     * @Description:  使用Jwt存储token的配置
     * @Author:       allenyll
     * @Date:         2020/8/20 7:58 下午
     * @Version:      1.0
     */
    @Configuration
    @Order(-1)
    public class JwtTokenStoreConfig {

        /**
         * 读取密钥的配置
         * @return 配置信息
         */
        @Bean("keyProp")
        public KeyProperties keyProperties(){
            return new KeyProperties();
        }

        @Resource(name = "keyProp")
        private KeyProperties keyProperties;

        @Bean
        public TokenStore jwtTokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {
            return new JwtTokenStore(jwtAccessTokenConverter);
        }

        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter(AuthUserAuthenticationConverter authUserAuthenticationConverter) {
            JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
            KeyPair keyPair = new KeyStoreKeyFactory(keyProperties.getKeyStore().getLocation(),
                    keyProperties.getKeyStore().getSecret().toCharArray())
                    .getKeyPair(keyProperties.getKeyStore().getAlias(),
                                keyProperties.getKeyStore().getPassword().toCharArray());

            jwtAccessTokenConverter.setKeyPair(keyPair);
            // 配置自定义的用户转换配置器
            DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) jwtAccessTokenConverter.getAccessTokenConverter();
            defaultAccessTokenConverter.setUserTokenConverter(authUserAuthenticationConverter);
            return jwtAccessTokenConverter;
        }

}
